Data sharing in the metaverse with key abuse resistance based on decentralized CP-ABE

TL;DR

This paper presents a decentralized data sharing system for the metaverse using CP-ABE enhanced with NIZK proofs and smart contracts to ensure confidentiality, accountability, and resistance to key abuse, supported by incentives and practical implementation.

Contribution

It introduces a novel integration of NIZK proofs with decentralized CP-ABE and smart contracts to address key abuse and authority accountability in metaverse data sharing.

Findings

Feasibility demonstrated through experiments

Enhanced security with NIZK-based accountability

Effective incentive mechanism for honest participation

Abstract

Data sharing is ubiquitous in the metaverse, which adopts blockchain as its foundation. Blockchain is employed because it enables data transparency, achieves tamper resistance, and supports smart contracts. However, securely sharing data based on blockchain necessitates further consideration. Ciphertext-policy attribute-based encryption (CP-ABE) is a promising primitive to provide confidentiality and fine-grained access control. Nonetheless, authority accountability and key abuse are critical issues that practical applications must address. Few studies have considered CP-ABE key confidentiality and authority accountability simultaneously. To our knowledge, we are the first to fill this gap by integrating non-interactive zero-knowledge (NIZK) proofs into CP-ABE keys and outsourcing the verification process to a smart contract. To meet the decentralization requirement, we incorporate a decentralized CP-ABE scheme into the proposed data sharing system. Additionally, we provide an implementation based on smart contract to determine whether an access control policy is satisfied by a set of CP-ABE keys. We also introduce an open incentive mechanism to encourage honest participation in data sharing. Hence, the key abuse issue is resolved through the NIZK proof and the incentive mechanism. We provide a theoretical analysis and conduct comprehensive experiments to demonstrate the feasibility and efficiency of the data sharing system. Based on the proposed accountable approach, we further illustrate an application in GameFi, where players can play to earn or contribute to an accountable DAO, fostering a thriving metaverse ecosystem.